I found your comment interesting since I work with industrial control systems used in refineries and pipeline operations. I work with the applications that interface with the HMI's, Plc's, and Omni flow control systems. I find the work very interesting and after designing and implementing software for 28 years that is saying something. So far the security aspects of the systems is being handled pretty well with all the network infrastructure buried behind firewalls and using VPN services to handle all the traffic. Could someone compromise the system from outside? I suppose anything is possible but in this case I don't see how that could be done easily. One thing that has struck me is how people talk about using software exploits to shutdown these types of operations when it would be much easier to physically attack the actual pipelines. While there is a security presence there is no way a 1000 mile pipeline can be constantly guarded. The Tank farms, booster stations, and operation facilities are well guarded but blowing up a pipeline would shutdown the operations. It's the same for people who drone on about the NSA or government collecting personal data. It would be much easier for the NSA to recruit insiders in companies like Google, MS, or CISCO. Low paid data center employees would be the place to start recruitment. An insider can keep an eye on things and be ready to help the NSA or any other intelligence service when needed. One good example of needing insiders to exploit a secure control system was the Stuxnet exploit that targeted Iran's centrifuges. The exploit would never have succeeded if the people behind the exploit did not have someone to walk in the Iranian operation center and insert a USB stick containing the exploit into a PC.